Posted by samzenpus on Tuesday December 29, 2015 @06:00PM
from the read-between-the-lines dept.

blottsie writes: In an interview with the Daily Dot on Tuesday, Adam Segal, director of the Council on Foreign Relations' Digital and Cyberspace Policy Program, explained what China's new anti-terrorism law contains, what aspects of it remain uncertain, and how China's interest in encrypted technology fits into its longtime strategy of regulating speech within its borders. On the subject of Apple and Chinese relations he says: "We seem to be on a road of eventual confrontation between the Chinese government and Apple. Apple may have to make a decision about what it’s going to do to remain in the China market like lots of other companies. So far, it hasn’t been explicitly laid out that way. The Chinese government hasn’t said, 'We’re not going to allow end-to-end [encryption],' but that clearly seems to be the trend. I’m sure that U.S. tech companies that are providing [end-to-end encryption] are beginning to think that they may be facing a 'high noon at the O.K. Corral' kind of moment."

The Chinese will wait until the US, UK and Australia implement this first, then will activate their own rules.

Yes, some presidential candidates have said this, but now it is "controversial" because China said it?

Might actually be fun. "If I'm elected to be your president, I'll follow in the footsteps of China to limit your encryption. Don't ask what you can encrypt for your country but ask what you can send in plain text for country!"

- create a new encryption algorithm with a government backdoor
- ship it in builds destined for China, and make it the default
- don't ship it anywhere else
- now nobody outside of China is made insecure, *plus* savvy people in China can just disable it
- profit!

Apple's implementation of iMessage uses public key encryption; the device (iPhone) has a security chip that generates the keys and performs the encryption.... The public key is given out, while the private key is inaccessible to the CPU (even if it's rooted). This makes end-to-end encryption a de-facto part of the iMessage protocol-- but also makes it difficult to install an (undetectable) backdoor.

It seems to me that China doesn't need to confront Apple... or Google for that matter. They control the network. China can just continue to "encourage" their citizens to use state-friendly social media platforms, and continue to make it hard-to-impossible to use non-Chinese alternatives like Twitter, Whatsapp, or iMessage.

So if Apple never has your private key, how do messages arrive at all of your devices in a readable form? How do your private key(s) get from one device to the other? Simple answer: they don’t. You’ve actually got one set of keys for each device you add to iCloud, and each iMessage is encrypted independently for each device. So if you have two devices — say, an iPad and an iPhone — each message sent to you is actually encrypted (AES-128) and stored on Apple’s

Which, incidentally, means that it is likely possible for Apple to surreptitiously add a device to your account. So upon subpoena, it seems likely that Apple could grant access to all future messages, just not messages that have already been sent.
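
The per-device fan-out described in the two comments above, as an added example that is not part of the thread and not Apple's code: each message is encrypted separately to every device key the directory lists, so a key added later gets only later messages, and a sender that pins the keys it first saw can flag the addition. Toy Diffie-Hellman and a SHA-256 keystream stand in for the real public-key and AES-128 primitives; all names and the pinning check are assumptions.

```python
import hashlib
import secrets

P = 2**127 - 1   # toy DH modulus, constructed for illustration (NOT secure)
G = 3

def keygen():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)          # (private, public) for one device

def _keystream(shared, n):
    """Stretch the DH shared secret into n bytes with SHA-256 in counter mode."""
    seed, out, ctr = shared.to_bytes(16, "big"), b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(pub, msg):
    eph_priv, eph_pub = keygen()          # fresh ephemeral key per copy
    ks = _keystream(pow(pub, eph_priv, P), len(msg))
    return eph_pub, bytes(a ^ b for a, b in zip(msg, ks))

def unseal(priv, blob):
    eph_pub, ct = blob
    ks = _keystream(pow(eph_pub, priv, P), len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

def send(directory, msg):
    """One independent ciphertext per device key the directory lists."""
    return {dev: seal(pub, msg) for dev, pub in directory.items()}

def unpinned_keys(pinned, directory):
    """Sender-side check: device keys the sender has not seen before."""
    return sorted(d for d, pub in directory.items() if pinned.get(d) != pub)

def demo():
    iphone, ipad, added = keygen(), keygen(), keygen()
    directory = {"iphone": iphone[1], "ipad": ipad[1]}
    pinned = dict(directory)                    # what the sender saw first
    before = send(directory, b"sent before")
    directory["device-3"] = added[1]            # key added on the server side
    after = send(directory, b"sent after")
    return {
        "ipad_reads_before": unseal(ipad[0], before["ipad"]),
        "added_opens_ipad_copy": unseal(added[0], before["ipad"]) == b"sent before",
        "added_reads_after": unseal(added[0], after["device-3"]),
        "flagged": unpinned_keys(pinned, directory),
    }
```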

China, India, the EU, America, etc, will come together on a treaty binding agreement by which each nation has access to their own citizens' data without compromising the sovereignty and rights of others. Born out of this unholy alliance will be a "Government API" baked into the next iOS, OSX, Android, Windows, and other commercially available OSs**, and possibly at the hardware level too. What this means is that when you activate your new devices, you choose where you live (as you abide by their laws). From there, your encryption will be chosen with the system that the respective nation has access to.

**I begin not to suspect what will happen to open source platforms other than deemed to be illegal (possibly).

Seems unlikely in practice, until you remember precisely how stupid & lazy people are, myself first & foremost. That kind of govAPI, though, would hopefully kick more than just me & the Estonians awake.

Remember the Clipper Chip? Yes, that could be brought back as an international standard of sorts. Imagine all PCs, Servers, Phones and consumer hardware having this per the law. Now, the only way to run an OS is for the kernel to be cryptographically signed. I'm sure there will be exceptions that allow for internal alpha and beta testing inside the buildings at Apple and Microsoft. But once the final release of Windows, OSX, or iOS goes public, the binaries must first be fingerprinted and the kernel signed